First published: Fri Mar 24 2023(Updated: )
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
Credit: security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Lfprojects Mlflow | <2.2.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-1176.
CVE-2023-1176 has a severity rating of 3.3, which is considered medium.
The affected software for CVE-2023-1176 is mlflow/mlflow prior to version 2.2.2.
The CWE for CVE-2023-1176 are CWE-22 and CWE-36.
To fix CVE-2023-1176, update your mlflow/mlflow software to version 2.2.2 or later.